SME - Operations Governance & Compliance

As a Governance, Risk Management, and Compliance Specialist, your primary responsibilities will include: - Tracking all policy process documents to ensure they are up to date as per standard requirements. This includes conducting the annual review of ISMS, ITSM & SOPs. - Amending policy process documents and updating necessary versions as needed. - Interviewing and monitoring the process effectiveness with internal team members periodically to ensure compliance meets standard requirements. - Tracking and updating the training dashboard, attendance records, and assessment records on SharePoint. - Collecting and storing documented evidence in the central SharePoint folder regularly, at least monthly, to fulfill SOC1, SOC2 & PCI DSS control requirements. - Coordinating with team members to ensure KPI metrics for ISMS & ITSM are updated periodically and testing data points for sample controls. - Reviewing and responding to RFPs against compliance requirements and arranging supporting documents. - Maintaining the statutory compliance legal register up to date and alerting the team to initiate processes 120 days in advance. - Keeping the certificate tracker up to date and sharing it upon request from sales, marketing, or other internal stakeholders. - Coordinating with onboarded third-party consultants and providing support for understanding on-ground practices. - Coordinating customer audits to ensure they align with agreed terms and services provided. - Collaborating with auditees during group level audits to ensure successful completion. - Coordinating third-party external audits by arranging travel, accommodations, auditee details, and audit venues. - Ensuring audit findings are agreed upon by stakeholders before publishing and tracking and closing audit reports before the expected closure date. - Creating inputs for MIS reports for fortnightly and monthly review with management on a timely basis. QUALIFICATIONS: - Education: Bachelor's degree in Information Technology, Computer Science, or a related field. Advanced degree or certifications such as Lead Auditor in ISO27001 & ISO20000, CISA, CISM, CISSP are preferred. - Experience: Minimum of 5 years of experience in governance, risk management, and compliance within data center or IT services. - Skills: Strong understanding of regulatory requirements, risk management principles, and data security best practices. Excellent analytical, communication, and leadership skills. - Experience with data governance tools and technologies. - Knowledge of data center infrastructure and operations. - Ability to work in a fast-paced, dynamic environment.,